Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2015-05-19

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:02 MegaMatt joined #openam
03:09 daveloper joined #openam
05:28 ramteid joined #openam
06:32 asyd morning folks
07:32 daveloper joined #openam
07:47 KermitTheFragger joined #openam
07:53 crabmeat joined #openam
07:58 hos001 joined #openam
08:42 aldaris joined #openam
08:46 tudorg joined #openam
08:54 aldaris joined #openam
10:29 rcaselli joined #openam
10:30 rcaselli hi
10:30 aldaris hi
10:30 rcaselli I have an issue with OpenAM + tomcat j2ee agent with replication
10:31 rcaselli here's my flow:
10:31 rcaselli I connect to server1 and login
10:32 rcaselli I then can browse both openam admin and my app
10:32 rcaselli then if I connect to server2 openam admin everything works correctly
10:32 rcaselli while connecting to server2/myapp results in a redirect loop
10:33 rcaselli (the same happens if I start logging in from server2 and then go to server1
10:33 rcaselli )
10:33 rcaselli in the openam agent log I see on server1:
10:34 rcaselli ERROR: Site http://server2.mydomain.com:8080/openam/sessionservice is down
10:34 rcaselli (if from a browser I hit that page I get 'OpenSSO'
10:35 rcaselli OpenAM v12
10:35 rcaselli any clue?
10:36 aldaris can your agent access the sessionservice?
10:37 rcaselli how can I test that?
10:37 aldaris telnet/wget/curl from the agent's ssh terminal to openam?
10:37 rcaselli yes
10:38 rcaselli 200 OK
10:38 rcaselli OpenSSO
10:38 rcaselli with curl
10:38 aldaris if you look at the agent's bootstrap configuration
10:38 aldaris what do you have configured for naming url?
10:39 rcaselli com.iplanet.am.naming.url=http://server1.mydomain.com:8080/openam/namingservice
10:39 rcaselli on server 1
10:40 aldaris do you have site configured?
10:40 rcaselli Configuration -> Servers and Sites? No
10:41 rcaselli what should I put there?
10:41 aldaris either you'll need to configure a site with a primary site URL and define the primary site URL for the naming url for both agent nodes
10:41 aldaris where the primary site URL is preferably an internal LB URL
10:41 rcaselli will this work without LB?
10:41 rcaselli my scenario is 'manual' switchover
10:41 aldaris or you skip the site bit and just modify the naming url to include the server2 node as well, it's a space separated setting
10:42 rcaselli ok
10:42 rcaselli I'll then have to restart the agent container right and the openam container?
10:43 aldaris not openam, no
10:43 rcaselli ok
10:44 aldaris only the agents, since you should be only changing the agent settings right
10:44 rcaselli so I end up with:
10:44 rcaselli com.iplanet.am.naming.url=http://server1.mydomain.com:8080/openam/namingservice http://server2.mydomain.com:8080/openam/namingservice
10:44 rcaselli on server1
10:44 aldaris that should do it, yes
10:44 rcaselli and reversed on server2
10:44 aldaris sounds good
10:46 rcaselli this will continue to work even if one of the 2 server goes down correct?
10:46 rcaselli I mean users will still be able to authenticate
10:56 rcaselli thanks aldaris! from a quick test it seems you saved my day :)
11:28 MegaMatt joined #openam
12:16 aldaris joined #openam
12:44 fatbloke joined #openam
13:57 aldaris joined #openam
17:02 daveloper joined #openam
17:41 russoisraeli joined #openam
17:43 russoisraeli hello everyone. I need to tweak a Tomcat/spring webapp that redirects to OpenAM for web auth. For some reason the URL being redirected to has a wrong meta alias - idp1 vs. idp… does anyone have any idea where this could be configured on the client?
18:16 daveloper joined #openam
18:32 daveloper joined #openam
19:10 russoisraeli can someone help me - what “invalid signature in request” error?
19:15 aldaris joined #openam
19:17 aldaris joined #openam
19:59 aldaris joined #openam
20:35 aldaris joined #openam
21:15 MegaMatt joined #openam
21:17 aldaris joined #openam
22:54 aldaris joined #openam
23:04 aldaris joined #openam
23:32 aldaris joined #openam
23:44 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary